They say imitation is the sincerest
form of flattery, so it was flattering that Oracle finally woke up
to the power of machine data and the importance of security and has
been attempting to take aim at Splunk
this
week with the announcement of the “Oracle Management and Security
Cloud.” However, despite their attempt at a direct comparison to
Splunk, their offering is so little like Splunk, that we’re only a
little flattered.

The thing that
worries me the most about Oracle’s apparent new data offering isn’t
their deep misunderstanding of how and why Splunk is able to so
effectively deliver amazing value to our customers - it’s their
fundamental lack of knowledge and understanding of the security
market. This is serious business that requires a community to
support those amazing cyber warriors that live on the front lines
daily. It’s not time for rhetoric from a company with a record of
under serving and gouging their customers. After 10+ years of
serving millions and millions of end users, in this vitally critical
societal topic, we are very appreciative of what it takes to help
our customers be successful. The Splunk platform is recognized by
Gartner as a Leader in security
and Splunk is one of the creators of AIOps.
Here are some actual facts.

"Oracle
Management Cloud delivers a complete data architecture through a
unified entity model that spans topology, associations,
telemetry and threats. In contrast, Splunk has no real entity
model and leaves data in many disparate vendor silos."

Like all database oriented people, your solution to building an
integrated view of a complex situation is to centralize all the data
into a single store. The scale and speed of today’s universe of
millions of data feeds make that approach a non-starter. We have
customers indexing petabytes of data a day from hundreds to
thousands of data sources and using that same data for multiple use
cases. Splunk turns data into answers, applying schema on read to
give structure to the data when you ask the question and not force
entities when you write it (presumably to an Oracle database which
is... again… convenient).

Virtual integration
is the new path, dynamically integrating data on a just-in-time
basis as opposed to collecting it on a “just-in-case basis.” The
data will stay in those disparate silos—the knowledge won’t.

But don’t take my
word for it, we have a huge body of customers leveraging Splunk to
ingest data from multiple sources across their organization. For
example, Rackspace
ingests nearly three terabytes of data per day across security,
compliance, DevOps, business intelligence, application management
and IT operations data sources.

Just wrong. We make machine data accessible, usable and valuable to
everyone and we’re doing the same with machine learning. If you are
a data scientist and want to build your own algorithms then, yes, we
have a machine learning toolkit. But we’ve also seamlessly
integrated machine learning for ITOA in Splunk IT Service
Intelligence and the same for security with Splunk User Behavior
Analytics. This puts answers directly into the hands of anyone in
IT, security or the business, no data science degree required.

There is no such thing as a wall-to-wall
Oracle customer. Companies live in a heterogeneous world. If you are
focused on serving and adding value to customers, then any mission
critical solution must recognize this. In contrast, Splunk acts as
the Security and IT “nerve
center” for
our customers, built from the ground up to sense and respond to
incidents with an ecosystem approach.

In security we have an
ecosystem of 40 vendor partners through the Adaptive Response
Initiative,
which helps security analysts handle threats through direct
integrations with the top security vendors, enabling a unified
defense. For example, Splunk partners with ForeScout to help give
Brown-Forman visibility and control of devices connecting to its
network in order to detect threats and execute a response faster
than ever before.

In
IT, we integrate with industry-leading automation, provisioning,
helpdesk and ticketing systems, so if Splunk spots an incident, we
work with your heterogeneous IT landscape to take the right action.
For example, triggering a ServiceNow ticket for an IT fix or
spinning up new AWS instance when more capacity is needed.

Larry did get one
thing right, and that’s that Splunk "kind of invented the log
analytics category." We thank him for the compliment. What started
as “Google for IT” has evolved into an enterprise machine data
platform. We talk a lot about rapidly driving value for our
customers here at Splunk, and our customers use our platform to make
real differences to their business. Aflac
has blocked over two million security threats with Splunk solutions.
Gatwick Airport
gets 95 percent of passengers through security in 5 minutes or less
to maximise revenue. The State of Louisiana
saved $70 million by accelerating modernization and consolidating
legacy IT.